Troy Hunt

NOVEMBER 19, 2020

Here's what I found after checking over 74k addresses: Only 55% of the addresses in the sample set had been seen before (after loading the complete data set into HIBP, that number rose to 65%). Passwords like "Ashtro1969", "Odette1978" and, perhaps unsurprisingly given the file I was looking at, "ilovechordie".

Passwords 364

Passwords Password Management Accountability Risk 364

Troy Hunt

JUNE 25, 2018

Pretty much every day, I get a reminder from someone about how little people know about their exposure in data breaches. Frequently, it's some long-forgotten site they haven't even thought about in years and also frequently, the first people know of these incidents is via HIBP: large @ticketfly data breach.

Passwords 278

Passwords Data breaches Password Management Accountability 278

Krebs on Security

AUGUST 12, 2020

As KrebsOnSecurity observed back in 2018 , many people — particularly older folks — proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — including everything from utilities and mobile phones to retirement benefits and online banking services.

Accountability 358

Accountability Mobile Banking Passwords 358

Krebs on Security

JANUARY 17, 2019

The dump, labeled “ Collection #1 ” and approximately 87GB in size, was first detailed earlier today by Troy Hunt , who operates the HaveIBeenPwned breach notification service. Hunt said the data cache was likely “made up of many different individual data breaches from literally thousands of different sources.”

Passwords 55

Passwords Accountability Hacking Password Management 55

Security Affairs

JANUARY 10, 2019

The motivation is not accepted by some users that commenting to the post claim they were locked out of their accounts even if they were using strong passwords and not using the Reddit credentials on other websites. If confirmed this means that Reddit was the victim of a data breach. SecurityAffairs – Reddit, data breach).

Accountability 107

Accountability Data breaches Passwords Advertising 107

Krebs on Security

FEBRUARY 18, 2019

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers. From early 2014 until December 2018, ns0.idm.net.lb From early 2014 until December 2018, ns0.idm.net.lb

DNS 279

DNS Internet Internet Government 279

Malwarebytes

AUGUST 16, 2023

The site confirms that there has been a data breach The stolen information could include your discord.io username and your Discord ID, your email-address, your billing address, and a salted and hashed password if you signed up in 2018 or earlier. (In In 2018 discord.io Change your password.

Data breaches 98

Data breaches Passwords Authentication Phishing 98

Troy Hunt

NOVEMBER 7, 2018

The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing attack. link] — Troy Hunt (@troyhunt) November 6, 2018.

Passwords 252

Passwords Accountability Hacking Education 252

Security Affairs

SEPTEMBER 14, 2018

The operator of the service shared the file with the popular expert Troy Hunt who operates the Have I Been Pwned data breach notification service asking him to check the source of the huge trove of data. The data is not related to a data breach of kayo.moe, the platform was not impacted by any incident.

Data breaches 111

Data breaches Passwords Advertising Password Management 111

Approachable Cyber Threats

APRIL 9, 2021

This magnitude reminds of us of the 500 million people that were impacted in the data breach at Marriott. Oddly, Facebook initially dismissed the reports as irrelevant, citing that the data was leaked years ago so it didn’t matter now. What is a data breach?” What is data scraping?” spreadsheet).

Data breaches 59

Data breaches Passwords Identity Theft Password Management 59

SecureWorld News

SEPTEMBER 18, 2024

Some notable cyber incidents in the past half-decade include: McDonald's (2021): The fast-food giant suffered a data breach that exposed customer and employee information in South Korea and Taiwan. Dunkin' Donuts (2015-2018): The company faced multiple credential stuffing attacks that led to unauthorized access to customer accounts.

Cybersecurity 116

Cybersecurity Data breaches Accountability Passwords 116

Security Affairs

SEPTEMBER 25, 2018

Credential stuffing attacks involve botnets to try stolen login credentials usually obtained through phishing attacks and data breaches. This kind of attacks is very efficient due to the bad habit of users of reusing the same password over multiple services. The experts detected 8.3 billion per month. billion attempts).

Passwords 108

Passwords Data breaches Advertising Password Management 108

Security Affairs

JANUARY 6, 2019

A misconfigured AWS S3 bucket is the root cause of a data leak that impacted 2.4 Blur is a popular password manager developed by the online privacy firm Abine, it also implements private browsing features and masked email. Abine discoverd the data leak on December 13. million users were impacted by the data leak.

Passwords 111

Passwords Advertising Password Management Accountability 111

Malwarebytes

JUNE 3, 2022

By focusing on this context, we hope that you’ll come away with a stronger understanding about, for instance, why you should use a password manager rather than that you should use a password manager. A video of Kanye West from 2018 purportedly revealed that the rapper and producer’s iPhone passcode was 000000.

Internet 131

Internet Internet Scams Passwords 131

Adam Levin

FEBRUARY 13, 2019

The data used in these attacks could be from different places. One six-month period last year resulted in 945 data breaches with a total of 4.5 The credentials used in stuffing exploits are acquired from a variety of sources, including black market repositories of data breach content. billion records compromised.

Risk 100

Risk Data breaches Passwords Password Management 100

Malwarebytes

MAY 19, 2021

What these names have in common is that they have all experienced at least one breach in 2013—the year when threat actors started targeting organizations across industries to either steal data for profit or leak them to “teach companies a lesson about cybersecurity.” Do they even know they have been breached?

Passwords 126

Passwords Data breaches Government Accountability 126

Malwarebytes

OCTOBER 3, 2022

I have an embarrassing confession to make: I reuse passwords. I am not a heavy re-user, nothing crazy, I use a password manager to handle most of my credentials but I still reuse the odd password from time to time. passwords each. One weird trick to improve your passwords.

Passwords 98

Passwords Password Management Accountability Internet 98

Troy Hunt

FEBRUARY 11, 2019

The 773 Million Record "Collection #1" Data Breach On Thursday 17 Jan, I loaded 773M records into Have I Been Pwned (HIBP) which I titled "Collection #1". The exposed data included email addresses and passwords stored as salted MD5 hashes. Exposed data included email addresses, private messages and phpBB salted hashes.

Passwords 219

Passwords Data breaches Media InfoSec 219

Security Affairs

AUGUST 27, 2020

The timeline of uploads might indicate that these emails have been either stolen or acquired on the black market back in October 2018 , and then gradually decrypted by the owner of the bucket. Here’s how: Create long, strong, and unique passwords that are difficult to guess, or use a password manager to generate strong passwords for you.

Social Engineering 145

Social Engineering Passwords Marketing Phishing 145

SiteLock

AUGUST 27, 2021

In fact, Ponemon Institute reported that 73% of small businesses that suffered a ransomware attack in 2018 did not pay the ransom because. An automated backup solution can ensure that all the data from your devices and server is backed up regularly. According to Ponemon, 60% of data breaches can be linked to negligence.

Ransomware 98

Ransomware Small Business Backups Encryption 98

Troy Hunt

JULY 12, 2018

I kept collecting plain text passwords as I processed data breaches with the thinking that I'd have a good sense of when the scale was sufficient to publish a V3. It's not a trivial task - crunching the data, updating the counts, dumping it into different formats, uploading tens of GBs (over Aussie internet.),

Passwords 142

Passwords Password Management Data breaches Internet 142

CyberSecurity Insiders

MAY 2, 2023

It amends the 2018 California Consumer Privacy Act (CCPA) introduced in response to rising consumer data privacy concerns. It has significantly impacted data collection and handling practices, giving consumers more control over how businesses handle their data. On the other hand, the CPRA relies on opt-out consent.

Data collection 52

Data collection Data breaches Password Management Data privacy 52

eSecurity Planet

JANUARY 27, 2022

Dashlane Password Manager provides companies with everything they need to onboard new employees, manage permissions and monitor security issues all from one place. Cisco’s acquisition of Duo Security in 2018 gave the networking giant a strong presence in both IAM and zero trust. Learn more about Twingate.

Authentication 131

Authentication Artificial Intelligence Technology Marketing 131

Malwarebytes

MARCH 17, 2021

Several effective Mac-facing miners joined the crypto-rush in 2018. In the 2020 State of Malware Report, Malwarebytes researchers found that Mac malware—primarily backdoors, data stealers, and cryptominers—had risen by 61 percent over the previous year. There was KeRanger ransomware in 2016.

Malware 119

Malware Adware Software Passwords 119

eSecurity Planet

DECEMBER 7, 2023

Encryption can also be found incorporated into a variety of network security and cloud security solutions, such as cloud access security brokers (CASB), next-generation firewalls (NGFW), password managers , virtual private networks (VPN), and web application firewalls (WAF).

Encryption 113

Encryption Passwords IoT Firewall 113

BH Consulting

FEBRUARY 15, 2024

Its findings included data from Irish businesses, which ranked cyber attacks and data breaches as their top risk they face. Passwords: can’t live with ’em, can’t access vital online services without ’em Passwords were in the news again lately, for all the wrong reasons. It’s downloadable here.

Passwords 52

Passwords Surveillance Risk Data breaches 52

eSecurity Planet

OCTOBER 18, 2024

Aside from a 2018 antitrust lawsuit , its reputation is mostly fine, which I can’t always say about antivirus providers. There’s no history of major data leaks, aside from its security forums being breached back in 2014. Password Managers and VPNs were also considered, though their impact on my overall grade was minor.

Antivirus 57

Antivirus Software Password Management Firewall 57

ForAllSecure

JANUARY 19, 2022

One of the eight required domains in the current CISSP certification process is Identity and Access Management, or IAM. You might not think of it as a major aspect of security and yet, stolen credentials are really the key to data breaches today. He loves password managers. I use a password manager.

Passwords 52

Passwords Authentication Mobile Password Management 52

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. ICYMI, Equifax forced to pull offline a huge database of consumer data guarded only by credentials "admin/admin" [link] — briankrebs (@briankrebs) September 13, 2017.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

eSecurity Planet

MARCH 19, 2025

Other features include ad blocking and password management. It adds password management and protection for eight devices. per month, offers a lot of bang for its buck, with features like personal data leak removal and webcam protection. Both mid-range plans have features like password management and ad blocking.

VPN 57

VPN Antivirus Password Management Mobile 57

Troy Hunt

FEBRUARY 14, 2018

Getting to the point of all this, the other day I shared a couple of tweets: Tempted to write a smack down on the use of this term versus the reality of where these breaches are sourced from, what do you think? — Troy Hunt (@troyhunt) February 1, 2018. Or take the CloudPets situation - exposed Mongo DB with no credentials on it.

Data breaches 239

Data breaches Passwords Marketing Hacking 239